You are here

Apple (Finally) Introduces Two-Step Authentication

After a simple yet devastating hack of its security went public last August, Apple has -- just eight months later -- introduced a two-step authentication system.

Back in early August 2012, Wired.com's Mat Honan was devastated to find that hackers were able to gain access to his MacBook, iPhone, and Gmail account after easily bypassing both Apple and Amazon security systems.

Hackers Exploit Simple Security Systems

Hackers used a simple trick: they called Amazon to request a password change. When prompted by an Amazon representative, they presented Honan's name, billing address, and email address.

Once they were into his Amazon account, the hackers took the last four digits of his credit card number and contacted Apple. Because this was the only information required to access an Apple iCloud account, the hackers gained entry to Honan's MacBook and iPhone.

They then wiped everything clean.

Apple and Amazon faced loads of criticism for using such pathetic security systems to protect tens of millions of users. Now, in late March 2013, Apple has finally done something about it.

Special Code Sent to Smartphone

The company will now use a two-factor authentication system, meaning users (and hackers) must present two separate pieces of identification in order to access an account. (Source: venturebeat.com)

Specifically, Apple says it will offer users an application for their phones that sends a text message code which can be used to access an account.

All it takes for Apple users to set up two-factor authentication is a visit to the Apple ID website. After setting up an Apple ID and logging in, you'll need to click on the security tab. You'll then be prompted to identify a "trusted device" that can receive texted codes. (Source: apple.com)

Apple's decision to introduce two-factor authentication is also a response to a recently-discovered password-reset exploit that allowed hackers to gain access to accounts with just an email address and date of birth.